Dark web scammers exploit Covid-19 fear and doubt

BBC Technology 18 May 2020 11:03
By Sooraj Shah Technology of Business reporter
Dark Web creative shotImage copyright Getty Images

"They're exploiting the fear, uncertainty and doubt people are experiencing during the pandemic, and using the anxiety and desperation to get people to buy things or click on things they wouldn't have otherwise," says Morgan Wright, a former senior adviser to the US Department of State anti-terrorism assistance programme.

He's talking about the scammers and criminals that inhabit the "dark web" who have found a new angle - anxiety over Covid-19.

Mr Wright, who is now chief security adviser at security software company SentinelOne, used to teach behavioural analysts at the US National Security Agency (NSA) about the exploitation of human behaviour.

He is now seeing some of those techniques being used on the dark web, an encrypted part of the internet that can be accessed using popular networks such as Tor.

Tor is a way to access the internet that requires software, known as the Tor browser, to use it.

It was originally designed by the US Naval Research Laboratory, and continues to receive funding from the US State Department.

Encryption applied at each hop along this route makes it very hard to connect a person to any particular activity.

Criminals hope a heightened sense of fear will make people rush to buy these products, and as a result these items are not cheap; an Australian Institute of Criminology report found the average fake vaccine was being sold for about $370 (£300), while one supposedly sourced from China was selling for between $10-15,000 (£8-12,000).

Many criminals also see an opportunity - as the majority of people are working from home, there is a greater chance of lax cyber security in place.

Phishing scams have also been on the rise. These are where fraudsters pretend to be a different organisation or person by email, hoping the person will provide some login details or personal data, which can then be used to steal money or someone's identity.

"Now there are Covid-19 related phishing templates making their way into all of the phishing kits that are available on the dark web - meaning people can imitate Apple or LinkedIn with a set of standard templates," he adds.

"There are people who have been specialising in phishing pages, shady VPNs or spamming services for a number of years, who are now offering discounts because they believe it's the best time to make money and spread these kits," says Liv Rowley, threat intelligence analyst at Blueliv, a computer and network security firm.

The dark web was designed by the US Naval Research Laboratory, with the idea of enabling human rights activists and people within the military to talk and collaborate in a secure, anonymous way.

According to Mr Malik, these forums have often been used to fuel conspiracy theories around the virus.

As social media companies and other news outlets crack down on misinformation, many others may be pushed onto the dark web. These forums often act as a gateway to marketplaces, for people to plug their products or services to a targeted audience. This could be a way for fraudsters to make further money in the months to come.

The flipside to this is that many journalists, activists and citizens may be using the dark web to communicate in countries where there is a lot of censorship. Tor versions of many news outlets, including the BBC and New York Times, may be used if the original sites are blocked by governments or states, for instance.

Two ransomware groups had said they would not attack any hospitals or healthcare organisations during the pandemic, but as Foreign Secretary Dominic Raab outlined in a recent press briefing, there is evidence that criminal gangs are actively targeting national and international organisations that are responding to the pandemic - including hospitals.

The co-ordination and orchestration of many of these attacks often begin on the dark web.

"We are seeing more offerings on the dark web specifically for healthcare-related information and for targeting healthcare facilities and doctors. There's even a database someone has created on the dark web with all kinds of information about medical staff," says Etay Maor from IntSights.

"That's the double-edged sword that as a society we haven't quite worked out: how do we safeguard freedom of speech and ensure privacy, but at the same time track down and stop people abusing those freedoms?" says Javvad Malik.

Continue reading original article...


IntSightsMorgan WrightUS Department of State antiSentinelOneUS National Security Agency
You may also like